Sony is the latest big-name company to have its computer network hacked. Corporate information and entire films were leaked online in what some suspect is retaliation by the North Korean government. In other governance, risk and compliance (GRC) news, a growing number of U.S. law schools are offering compliance courses or programs, and specialized security startups are drawing the eye of Silicon Valley investors.
North Korea calls Sony hack a ‘righteous deed’
The North Korean government this week denied any involvement in last week’s hack of Sony Pictures’ computer systems, but said its “supporters and sympathizers” may have carried out the “righteous deed.”
An article published by the North Korean government-run KCNA news agency accused Sony of “abetting a terrorist act” by producing The Interview, a movie starring James Franco and Seth Rogen as journalists enlisted by the CIA to assassinate North Korean leader Kim Jong-un. The attackers posted films online that have not yet been released, and disclosed the salary information, email addresses and Social Security numbers of thousands of Sony employees, including celebrities. Sony Pictures said it is currently working with law enforcement to investigate the breach, and the FBI is also probing the attack.
More U.S. law schools offer compliance-centric programs
A dearth of U.S. law schools offer courses or degrees tailored to the compliance officer job, but Reuters reports the landscape is slowly changing. A major driver is the thriving compliance industry: The base salary of compliance offers has been rising 3.5% every year since 2011, and companies such as JPMorgan Chase are bolstering compliance functions even as they make cuts in other areas.
One such program featured by Reuters is New York University Law School’s Corporate Compliance and Enforcement (PCCE), wherein students build compliance expertise through relevant coursework and insight from leading practitioners and guest teachers. Another institution, George Washington University Law School in Washington, D.C., offers a compliance and ethics course focusing on the legal issues that surround anticorruption regulations.
Security startups attract more investor funds
As data breaches become the norm, security startups are increasingly drawing attention from Silicon Valley investors, The New York Times‘ Bits blog reports. According to research firm CB Insights, last year there were 240 investments in these startups with a combined worth of $1.7 billion, up from 83 investments worth $340 million in 2009.
All types of security startups are garnering money from investors, including those dedicated to access control and identity management, the creation of secure spaces on computers for different processes, and network monitoring and alerts if anything suspicious occurs.
Established security companies such as Symantec and Juniper are striving not just to compete with the more specialized products and services these startups offer, but also to attract and retain talent as their lucrative and well-paying smaller rivals hire much sought-after security engineers.